package ch.ti.bfh.app.loodel.internal.security;

import ch.ti.bfh.app.loodel.domain.member.Member;
import org.springframework.security.core.Authentication;

import javax.annotation.Resource;
import java.io.Serializable;

public abstract class AbstractOwnerPermission implements Permission {

    @Resource
    private InternalUserContext internalUserContext;

    protected InternalUserContext getInternalUserContext() {
        return internalUserContext;
    }

    @Override
    public boolean isAllowed(Authentication authentication, Serializable targetDomainObjectId) {
        return getOwner(targetDomainObjectId).equals(getInternalUserContext().getCurrentMember());
    }

    protected abstract Member getOwner(Serializable targetDomainObjectId);

}
